General

  • Target

    photographed.dat

  • Size

    358KB

  • Sample

    230531-pp7xesfc4y

  • MD5

    2c55c2c1b7fbc68e11f48a6a13a34ec1

  • SHA1

    725de881de6a04ebbdc7422710daa343af3dfc66

  • SHA256

    6b157281cbb1af882dc0e88eb4832bb892e8c2e1678e0bcf30050d47f015f77f

  • SHA512

    b34069d217f25824bd6f54467c2f4269be0964b38c0ee8c96a52ea35d7f13c0e426a8629c3e5ae8f55c30cea7d6719c403e59f738f514321c50cf2c67591a454

  • SSDEEP

    6144:ELh9nrxRw13UyU2G8g1QYYZTDt3n2x+Bdv5zsjiBsTYrPlUEYD/QzkRWAFctOp6c:mInTDtXF15zsjiyZ/0tSkStJB/ts

Malware Config

Extracted

Family

qakbot

Version

404.1320

Botnet

BB30

Campaign

1685526716

C2

